#!/bin/bash RED='\033[0;31m' GREEN='\033[0;32m' NC='\033[0m' # No Color clear # Function to print status with a checkmark print_status() { echo -e "${GREEN}✔${NC} ${1} completed." } echo -e "${RED}→${NC} Starting System Update..." sudo apt update >>/var/log/install 2>&1 && print_status "System Update" sudo apt upgrade -y >>/var/log/install 2>&1 && print_status "System Upgrade" sudo apt dist-upgrade -y >>/var/log/install 2>&1 && print_status "System Dist-Upgrade" sudo apt autoremove -y >>/var/log/install 2>&1 && print_status "Autoremove" sudo apt clean >>/var/log/install 2>&1 && print_status "Clean" echo -e "${RED}→${NC} Installing required packages..." sudo apt install --no-install-recommends xserver-xorg x11-xserver-utils xinit chromium-browser fonts-noto-color-emoji nfs-common watchdog xdotool rsync -y >>/var/log/install 2>&1 && print_status "Required packages installed" sudo apt install realvnc-vnc-server overlayroot -y >>/var/log/install 2>&1 && print_status "VNC and Overlayroot installed" echo -e "${RED}→${NC} Creating user 'loginuser'..." sudo adduser --disabled-password --gecos "" loginuser >>/var/log/install 2>&1 && print_status "User 'loginuser' created" echo -e "${RED}→${NC} Setting permissions for 'loginuser'..." sudo tee /etc/sudoers.d/loginuser >/dev/null << 'EOF' loginuser ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart watchdog, /usr/bin/systemctl restart chromium-monitor loginuser ALL=(ALL) NOPASSWD: /usr/bin/echo, /usr/bin/cp, /usr/bin/sed loginuser ALL=(ALL) NOPASSWD: /usr/sbin/reboot, /usr/sbin/dhclient eth0, /usr/bin/fbset loginuser ALL=(ALL) NOPASSWD: /usr/bin/cat /var/lib/dhcp/* EOF sudo usermod -aG video loginuser >>/var/log/install 2>&1 && print_status "Permissions for 'loginuser' set" echo -e "${RED}→${NC} Disabling root login..." sudo tee /etc/ssh/sshd_config >/dev/null << 'EOF' PermitRootLogin no EOF sudo passwd -l root >>/var/log/install 2>&1 && print_status "Root login disabled" echo -e "${RED}→${NC} Copying required files..." sudo rsync -a --numeric-ids --info=progress2 --no-owner --no-group \ ./rps-client/boot/ro-root.sh /boot/ro-root.sh \ ./rps-client/boot/firmware/ro-root.sh /boot/firmware/ro-root.sh \ ./rps-client/etc/dhcp/dhclient.conf /etc/dhcp/dhclient.conf \ ./rps-client/etc/systemd/system/watchdog.service /etc/systemd/system/watchdog.service \ ./rps-client/etc/systemd/system/chromium-monitor.service /etc/systemd/system/chromium-monitor.service \ ./rps-client/etc/systemd/system/getty@tty1.service.d/override.conf /etc/systemd/system/getty@tty1.service.d/override.conf \ ./rps-client/etc/chromium/policies/managed/disable_password_saving.json /etc/chromium/policies/managed/disable_password_saving.json \ ./rps-client/home/loginuser/.bash_profile /home/loginuser/.bash_profile \ ./rps-client/home/loginuser/.xinitrc /home/loginuser/.xinitrc \ ./rps-client/home/wis/.ssh/id_rsa.pub /home/wis/.ssh/id_rsa.pub \ ./rps-client/root/remove_unused_kernel.sh /root/remove_unused_kernel.sh \ ./rps-client/root/.vnc/config.d/vncserver-x11 /root/.vnc/config.d/vncserver-x11 \ ./rps-client/usr/bin/chromium-monitor /usr/bin/chromium-monitor \ ./rps-client/usr/bin/watchdog /usr/bin/watchdog/watchdog >>/var/log/install 2>&1 && print_status "Required files copied" echo -e "${RED}→${NC} Setting file permissions..." sudo chown loginuser:loginuser -R /home/loginuser >>/var/log/install 2>&1 && print_status "File permissions set" echo -e "${RED}→${NC} Enabling services..." sudo systemctl daemon-reload >>/var/log/install 2>&1 && print_status "Daemon reloaded" sudo systemctl enable watchdog chromium-monitor vncserver-x11-serviced.service >>/var/log/install 2>&1 && print_status "Services enabled" sudo systemctl restart getty@tty1 >>/var/log/install 2>&1 && print_status "getty service restarted" # Ask user about cleaning unused kernels echo -e "${RED}→${NC} Do you want to clean up unused kernels? (yes/y/ye to proceed):" read -r clean_kernels if [[ "$clean_kernels" =~ ^[Yy](e[Ss]?)?$ ]]; then echo -e "${RED}→${NC} Cleaning up unused kernels..." sudo bash /root/remove_unused_kernel.sh -u -e >>/var/log/install 2>&1 && print_status "Unused kernels cleaned up" else echo -e "${RED}→${NC} Skipping unused kernel cleanup." fi echo -e "${RED}→${NC} Cleaning up installer..." sudo rm -rf ./rps-client >>/var/log/install 2>&1 && print_status "Installer cleaned up" echo -e "${GREEN}✔${NC} Installation complete. Press any key to reboot..." read -n 1 -s sudo reboot # Version 1.2: # Created 2024 by Tim Eertmoed, Christian Hampp @ WiS IT-Solutions GmbH, Germany to work on Raspian as custom pxe init script.